Summary of network intrusion detection systems based on deep learning

doi:10.11772/j.issn.1001-9081.2024020229

Journal of Computer Applications ›› 2025, Vol. 45 ›› Issue (2): 453-466.DOI: 10.11772/j.issn.1001-9081.2024020229

• Cyber security • Previous Articles Next Articles

Summary of network intrusion detection systems based on deep learning

Miaolei DENG¹^,², Yupei KAN¹^,²(), Chuanchuan SUN¹^,², Haihang XU¹^,², Shaojun FAN¹^,², Xin ZHOU¹^,²

^1.College of Information Science and Engineering，Henan University of Technology，Zhengzhou Henan 450001，China
^2.Henan International Joint Laboratory of Grain Information Processing，Zhengzhou Henan 450001，China

Received:2024-03-06 Revised:2024-05-15 Accepted:2024-05-20 Online:2024-07-19 Published:2025-02-10
Contact: Yupei KAN
About author:DENG Miaolei， born in 1977， Ph. D.， professor. His research interests include information security， internet of things.
SUN Chuanchuan， born in 1998， M. S. candidate. His research interests include deep learning， information security.
XU Haihang， born in 1999， M. S. candidate. His research interests include deep learning， intrusion detection.
FAN Shaojun， born in 2001， M. S. candidate. Her research interests include deep learning， intrusion detection.
ZHOU Xin， born in 1999， M. S. candidate. His research interests include deep learning， information security.
Supported by:
National Natural Science Foundation of China(62276091);Henan Province Science and Technology Research Project(232102210132)

基于深度学习的网络入侵检测系统综述

邓淼磊¹^,², 阚雨培¹^,²(), 孙川川¹^,², 徐海航¹^,², 樊少珺¹^,², 周鑫¹^,²

^1.河南工业大学信息科学与工程学院，郑州 450001
^2.河南省粮食信息处理国际联合实验室，郑州 450001

通讯作者: 阚雨培
作者简介:邓淼磊（1977—），男，河南南阳人，教授，博士，CCF杰出会员，主要研究方向：信息安全、物联网
孙川川（1998—），男，河南郑州人，硕士研究生，CCF会员，主要研究方向：深度学习、信息安全
徐海航（1999—），男，河南周口人，硕士研究生，CCF会员，主要研究方向：深度学习、入侵检测
樊少珺（2001—），女，河南南阳人，硕士研究生，CCF会员，主要研究方向：深度学习、入侵检测
周鑫（1999—），男，河南郑州人，硕士研究生，CCF会员，主要研究方向：深度学习、信息安全。
基金资助:
国家自然科学基金资助项目(62276091);河南省科技攻关项目(232102210132)

Abstract

Abstract:

Security mechanisms such as Intrusion Detection System （IDS） have been used to protect network infrastructure and communication from network attacks. With the continuous progress of deep learning technology， IDSs based on deep learning have become a research hotspot in the field of network security gradually. Through extensive literature research， a detailed introduction to the latest research progress in network intrusion detection using deep learning technology was given. Firstly， a brief overview of several IDSs was performed. Secondly， the commonly used datasets and evaluation metrics in deep learning-based IDSs were introduced. Thirdly， the commonly used deep learning models in network IDSs and their application scenarios were summarized. Finally， the problems faced in the current related research were discussed， and the future development directions were proposed.

Key words: network security, intrusion detection, deep learning, anomaly detection, network Intrusion Detection System (IDS)

摘要：

入侵检测系统（IDS）等安全机制已被用于保护网络基础设施和网络通信免受网络攻击。随着深度学习技术的不断进步，基于深度学习的IDS逐渐成为网络安全领域的研究热点。通过对文献广泛调研，详细介绍利用深度学习技术进行网络入侵检测的最新研究进展。首先，简要概述当前几种IDS；其次，介绍基于深度学习的IDS中常用的数据集和评价指标；然后，总结网络IDS中常用的深度学习模型及其应用场景；最后，探讨当前相关研究面临的问题，并提出未来的发展方向。

关键词: 网络安全, 入侵检测, 深度学习, 异常检测, 网络入侵检测系统

CLC Number:

TP393.08

Miaolei DENG, Yupei KAN, Chuanchuan SUN, Haihang XU, Shaojun FAN, Xin ZHOU. Summary of network intrusion detection systems based on deep learning[J]. Journal of Computer Applications, 2025, 45(2): 453-466.

邓淼磊, 阚雨培, 孙川川, 徐海航, 樊少珺, 周鑫. 基于深度学习的网络入侵检测系统综述[J]. 《计算机应用》唯一官方网站, 2025, 45(2): 453-466.

Figures/Tables 7

References 102

1	LV Z， QIAO L， LI J， et al. Deep-learning-enabled security issues in the internet of things［J］. IEEE Internet of Things Journal， 2021， 8（12）： 9531-9538.
2	BAJPAI P， SOOD A K， ENBODY R J. The art of mapping IoT devices in networks［J］. Network Security， 2018， 2018（4）： 8-15.
3	P Anderson Company JAMES. Computer security threat monitoring and surveillance［R/OL］. ［2023-12-10］..
4	FANG L， LI Y， LIU Z， et al. A practical model based on anomaly detection for protecting medical IoT control services against external attacks［J］. IEEE Transactions on Industrial Informatics， 2021， 17（6）： 4260-4269.
5	MICHIE D， SPIEGELHALTER D J， TAYLOR C C， et al. Machine learning， neural and statistical classification［M］. Upper Saddle River， NJ： Ellis Horwood， 1995.
6	AL-OMARI M， RAWASHDEH M， QUTAISHAT F， et al. An intelligent tree-based intrusion detection model for cyber security［J］. Journal of Network and Systems Management， 2021， 29： No.20.
7	ALAM S， SONBHADRA S K， AGARWAL S， et al. One-class support vector classifiers： a survey［J］. Knowledge-Based Systems， 2020， 196： No.105754.
8	程超，武静凯，陈梅. 一种基于RBM-SVM算法的无线传感网络入侵检测算法［J］. 计算机应用与软件， 2022， 39（5）： 325-329.
	CHENG C， WU J K， CHEN M. An intrusion detection algorithm for wireless sensor network based on RBM-SVM algorithm［J］. Computer Applications and Software， 2022， 39（5）： 325-329.
9	张昊，张小雨，张振友，等. 基于深度学习的入侵检测模型综述［J］. 计算机工程与应用， 2022， 58（6）： 17-28.
	ZHANG H， ZHANG X Y， ZHANG Z Y， et al. Summary of intrusion detection models based on deep learning［J］. Computer Engineering and Applications， 2022， 58（6）： 17-28.
10	WANG N， CHEN Y， XIAO Y， et al. MANDA： on adversarial example detection for network intrusion detection system［J］. IEEE Transactions on Dependable and Secure Computing， 2023， 20（2）： 1139-1153.
11	刘拥民，杨钰津，罗皓懿，等. 基于双向循环生成对抗网络的无线传感网入侵检测方法［J］. 计算机应用， 2023， 43（1）： 160-168.
	LIU Y M， YANG Y J， LUO H Y， et al. Intrusion detection method for wireless sensor network based on bidirectional circulation generative adversarial network［J］. Journal of Computer Applications， 2023， 43（1）： 160-168.
12	MOHAMMADPOUR L， LING T C， LIEW C S， et al. A survey of CNN-based network intrusion detection［J］. Applied Sciences， 2022， 12（16）： No.8162.
13	白万荣，魏峰，郑广远，等. 基于TCN-BiLSTM的入侵检测算法研究［J］. 计算机科学， 2023， 50（11A）： No.230300142.
	BAI W R， WEI F， ZHENG G Y， et al. Study on intrusion detection algorithm based on TCN-BiLSTM［J］. Computer Science， 2023， 50（11A）： No.230300142.
14	DENNING D E. An intrusion-detection model［J］. IEEE Transactions on Software Engineering， 1987， SE-13（2）： 222-232.
15	LIN Y， ZHANG Y， OU Y J. The design and implementation of host-based intrusion detection system［C］// Proceedings of the 3rd International Symposium on Intelligent Information Technology and Security Informatics. Piscataway： IEEE， 2010： 595-598.
16	HAMED T， DARA R， KREMER S C. Network intrusion detection system based on recursive feature addition and bigram technique［J］. Computers and Security， 2018， 73： 137-155.
17	EDEH D I. Network intrusion detection system using deep learning technique［D/OL］. ［2023-12-10］..
18	THAKKAR A， LOHIYA R. A survey on intrusion detection system： feature selection， model， performance measures， application perspective， challenges， and future research directions［J］. Artificial Intelligence Review， 2022， 55（1）： 453-563.
19	WU P. Deep learning for network intrusion detection： attack recognition with computational intelligence［D/OL］. ［2023-12-10］..
20	VASILOMANOLAKIS E， KARUPPAYAH S， MÜHLHÄUSER M， et al. Taxonomy and survey of collaborative intrusion detection［J］. ACM Computing Surveys， 2015， 47（4）： No.55.
21	TAVALLAEE M， BAGHERI E， LU W， et al. A detailed analysis of the KDD CUP 99 data set［C］// Proceedings of the 2009 IEEE Symposium on Computational Intelligence for Security and Defense Applications. Piscataway： IEEE， 2009： 1-6.
22	PROTIĆ DD. Review of KDD Cup’99， NSL-KDD and Kyoto 2006+ datasets［J］. Vojnotehnički glasnik/Military Technical Courier， 2018， 66（3）： 580-596.
23	MOUSTAFA N， SLAY J. UNSW-NB15： a comprehensive data set for network intrusion detection systems （UNSW-NB15 network data set）［C］// Proceedings of the 2015 Military Communications and Information Systems Conference. Piscataway： IEEE， 2015： 1-6.
24	SHARAFALDIN I， LASHKARI A H， GHORBANI A A. Toward generating a new intrusion detection dataset and intrusion traffic characterization［C］// Proceedings of the 4th International Conference on Information Systems Security and Privacy. Setúbal： SciTePress， 2018： 108-116.
25	DONG B， WANG X. Comparison deep learning method to traditional methods using for network intrusion detection［C］// Proceedings of the 8th IEEE International Conference on Communication Software and Networks. Piscataway： IEEE， 2016： 581-585.
26	DENG L. A tutorial survey of architectures， algorithms， and applications for deep learning［J］. APSIPA Transactions on Signal and Information Processing， 2014， 3： No.e2.
27	KASONGO S M. A deep learning technique for intrusion detection system using a Recurrent Neural Networks based framework［J］. Computer Communications， 2023， 199： 113-125.
28	WEI W， CHEN Y， LIN Q， et al. Multi-objective evolving long-short term memory networks with attention for network intrusion detection［J］. Applied Soft Computing， 2023， 139： No.110216.
29	DONKOL AA E B， HAFEZ A G， HUSSEIN A I， et al. Optimization of intrusion detection using likely point PSO and enhanced LSTM-RNN hybrid technique in communication networks［J］. IEEE Access， 2023， 11： 9469-9482.
30	SYED N F， GE M， BAIG Z. Fog-cloud based intrusion detection system using Recurrent Neural Networks and feature selection for IoT networks［J］. Computer Networks， 2023， 225： No.109662.
31	MUSHTAQ E， ZAMEER A， UMER M， et al. A two-stage intrusion detection system with auto-encoder and LSTMs［J］. Applied Soft Computing， 2022， 121： No.108768.
32	MUSHTAQ E， ZAMEER A， NASIR R. Knacks of a hybrid anomaly detection model using deep auto-encoder driven gated recurrent unit［J］. Computer Networks， 2023， 226： No.109681.
33	KANNA P R， SANTHI P. Hybrid intrusion detection using MapReduce based black widow optimized convolutional long short-term memory neural networks［J］. Expert Systems with Applications， 2022， 194： No.116545.
34	UDAS P B， KARIM M E， ROY K S. SPIDER：a shallow PCA based network intrusion detection system with enhanced recurrent neural networks［J］. Journal of King Saud University — Computer and Information Sciences， 2022， 34（10 Pt B）： 10246-10272.
35	WANG W， DU X， SHAN D， et al. Cloud intrusion detection method based on stacked contractive auto-encoder and support vector machine［J］. IEEE Transactions on Cloud Computing， 2022， 10（3）： 1634-1646.
36	MUHAMMAD G， HOSSAIN M S， GARG S. Stacked autoencoder-based intrusion detection system to combat financial fraudulent［J］. IEEE Internet of Things Journal， 2023， 10（3）： 2071-2078.
37	BALASUBRAMANIAM S， VIJESH JOE C， SIVAKUMAR T A， et al. Optimization enabled deep learning-based DDoS attack detection in cloud computing［J］. International Journal of Intelligent Systems， 2023， 2023： No.2039217.
38	LIU C， ANTYPENKO R， SUSHKO I， et al. Intrusion detection system after data augmentation schemes based on the VAE and CVAE［J］. IEEE Transactions on Reliability， 2022， 71（2）： 1000-1010.
39	BOPPANA T K， BAGADE P. GAN-AE： an unsupervised intrusion detection system for MQTT networks［J］. Engineering Applications of Artificial Intelligence， 2023， 119： No.105805.
40	VAIYAPURI T， BINBUSAYYIS A. Application of deep autoencoder as an one-class classifier for unsupervised network intrusion detection： a comparative evaluation［J］. PeerJ Computer Science， 2020， 6： No.e327.
41	COLI G O， AINA S， OKEGBILE S D， et al. DDoS attacks detection in the IoT using deep Gaussian-Bernoulli restricted Boltzmann machine［J］. Modern Applied Science， 2022， 16（2）： 12-22.
42	DE ROSA G H， RODER M， SANTOS D F S， et al. Enhancing anomaly detection through restricted Boltzmann machine features projection［J］. International Journal of Information Technology， 2021， 13（1）： 49-57.
43	HONG L， HAN B. Intrusion detection method based on constrained Boltzmann machine and delayed decision［C］// Proceedings of the 6th International Conference on Electronic Information Technology and Computer Engineering. New York： ACM， 2022： 979-985.
44	MAYURANATHAN M， MURUGAN M， DHANAKOTI V. RETRACTED ARTICLE： best features based intrusion detection system by RBM model for detecting DDoS in cloud environment［J］. Journal of Ambient Intelligence and Humanized Computing， 2021， 12（3）： 3609-3619.
45	ZHANG H， LI Y， LV Z， et al. A real-time and ubiquitous network attack detection based on deep belief network and support vector machine［J］. IEEE/CAA Journal of Automatica Sinica， 2020， 7（3）： 790-799.
46	CHEN A， FU Y， ZHENG X， et al. An efficient network behavior anomaly detection using a hybrid DBN-LSTM network［J］. Computers and Security， 2022， 114： No.102600.
47	SARKAR N， KESERWANI P K， GOVIL M C. A better and fast cloud intrusion detection system using improved squirrel search algorithm and modified deep belief network［J］. Cluster Computing， 2024， 27： 1699-1718.
48	ALISSA K A， SHAIBA H， GADDAH A， et al. Feature subset selection hybrid deep belief network based cybersecurity intrusion detection model［J］. Electronics， 2022， 11（19）： No.3077.
49	KANUMALLI S S， LAVANYA K， RAJESWARI A， et al. A scalable network intrusion detection system using Bi-LSTM and CNN［C］// Proceedings of the 3rd International Conference on Artificial Intelligence and Smart Energy. Piscataway： IEEE， 2023： 1-6.
50	CHEN Y， LIN Q， WEI W， et al. Intrusion detection using multi-objective evolutionary convolutional neural network for internet of things in fog computing［J］. Knowledge-Based Systems， 2022， 244： No.108505.
51	WU Y， NIE L， WANG S， et al. Intelligent intrusion detection for internet of things security： a deep convolutional generative adversarial network-enabled approach［J］. IEEE Internet of Things Journal， 2023， 10（4）： 3094-3106.
52	ULLAH F， ULLAH S， SRIVASTAVA G， et al. IDS-INT： intrusion detection system using transformer-based transfer learning for imbalanced network traffic［J］. Digital Communications and Networks， 2024， 10（1）： 190-204.
53	REN K， YUAN S， ZHANG C， et al. CANET：a hierarchical CNN-Attention model for network intrusion detection［J］. Computer Communications， 2023， 205： 170-181.
54	EL-GHAMRY A， DARWISH A， HASSANIEN A E. An optimized CNN-based intrusion detection system for reducing risks in smart farming［J］. Internet of Things， 2023， 22： No.100709.
55	CHEN C， SONG Y， YUE S， et al. FCNN-SE： an intrusion detection model based on a fusion CNN and stacked ensemble［J］. Applied Sciences， 2022， 12（17）： No.8601.
56	PINGALE S V， SUTAR S R. Remora based Deep Maxout Network model for network intrusion detection using Convolutional Neural Network features［J］. Computers and Electrical Engineering， 2023， 110： No.108831.
57	PARK C， LEE J， KIM Y， et al. An enhanced AI-based network intrusion detection system using generative adversarial networks［J］. IEEE Internet of Things Journal， 2023， 10（3）： 2330-2345.
58	YUAN L， YU S， YANG Z， et al. A data balancing approach based on generative adversarial network［J］. Future Generation Computer Systems， 2023， 141： 768-776.
59	ZHU N， ZHAO G， YANG Y， et al. AEC_GAN： unbalanced data processing decision-making in network attacks based on ACGAN and machine learning［J］. IEEE Access， 2023， 11： 52452-52465.
60	LO W W， LAYEGHY S， SARHAN M， et al. E-GraphSAGE： a graph neural network based intrusion detection system for IoT［C］// Proceedings of the 2022 IEEE/IFIP Network Operations and Management Symposium. Piscataway： IEEE， 2022： 1-9.
61	LAN J， LU J Z， WAN G G， et al. E-minBatch GraphSAGE： an industrial internet attack detection model［J］. Security and Communication Networks， 2022， 2022： No.5363764.
62	CHANG L， BRANCO P. Graph-based solutions with residuals for intrusion detection： the modified E-GraphSAGE and E-ResGAT algorithm［EB/OL］. ［2023-12-10］..
63	CAVILLE E， LO W W， LAYEGHY S， et al. Anomal-E： a self-supervised network intrusion detection system based on graph neural networks［J］. Knowledge-Based Systems， 2022， 258： No.110030.
64	ALTAF T， WANG X， NI W， et al. NE-GConv： a lightweight node edge graph convolutional network for intrusion detection［J］. Computers and Security， 2023， 130： No.103285.
65	DUAN G， LV H， WANG H， et al. Application of a dynamic line graph neural network for intrusion detection with semisupervised learning［J］. IEEE Transactions on Information Forensics and Security， 2023， 18： 699-714.
66	ZHANG Y， YANG C， HUANG K， et al. Intrusion detection of industrial internet-of-things based on reconstructed graph neural networks［J］. IEEE Transactions on Network Science and Engineering， 2023， 10（5）： 2894-2905.
67	WANG Y， HAN Z， LI J， et al. BS-GAT： behavior similarity based graph attention network for network intrusion detection［EB/OL］. ［2023-12-10］..
68	KOLIAS C， KAMBOURAKIS G， STAVROU A， et al. Intrusion detection in 802.11 networks： empirical evaluation of threats and a public dataset［J］. IEEE Communications Surveys and Tutorials， 2016， 18（1）： 184-208.
69	GOH J， ADEPU S， JUNEJO K N， et al. A dataset to support research in the design of secure water treatment systems［C］// Proceedings of the 2016 International Conference on Critical Information Infrastructures Security， LNCS 10242. Cham： Springer， 2017： 88-99.
70	KORONIOTIS N， MOUSTAFA N， SITNIKOVA E， et al. Towards the development of realistic botnet dataset in the internet of things for network forensic analytics： Bot-IoT dataset［J］. Future Generation Computer Systems， 2019， 100： 779-796.
71	MOUSTAFA N. A new distributed architecture for evaluating AI-based security systems at the edge： network TON_IoT datasets［J］. Sustainable Cities and Society， 2021， 72： No.102994.
72	SARHAN M， LAYEGHY S， PORTMANN M. Towards a standard feature set for network intrusion detection system datasets［J］. Mobile Networks and Applications， 2022， 27（1）： 357-370.
73	SARHAN M， LAYEGHY S， MOUSTAFA N， et al. NetFlow datasets for machine learning-based network intrusion detection systems［C］// Proceedings of the 2020 International Conference on Big Data Technologies and Application， LNICST 371. Cham： Springer， 2021： 117-135.
74	GADZE J D， BAMFO-ASANTE A A， AGYEMANG J O， et al. An investigation into the application of deep learning in the detection and mitigation of DDOS attack on SDN controllers［J］. Technologies， 2021， 9（1）： No.14.
75	MAEDA S， KANAI A， TANIMOTO S， et al. A botnet detection method on SDN using deep learning［C］// Proceedings of the 2019 IEEE International Conference on Consumer Electronics. Piscataway： IEEE， 2019： 1-6.
76	SAHOO K S， TRIPATHY B K， NAIK K， et al. An evolutionary SVM model for DDOS attack detection in software defined networks［J］. IEEE Access， 2020， 8： 132502-132513.
77	CHAABOUNI N， MOSBAH M， ZEMMARI A， et al. Network intrusion detection for IoT security based on learning techniques［J］. IEEE Communications Surveys and Tutorials， 2019， 21（3）： 2671-2701.
78	ROY S， LI J， CHOI B J， et al. A lightweight supervised intrusion detection mechanism for IoT networks［J］. Future Generation Computer Systems， 2022， 127： 276-285.
79	SWARNA PRIYA R M， MADDIKUNTA P K R， PARIMALA M， et al. An effective feature engineering for DNN using hybrid PCA-GWO for intrusion detection in IoMT architecture［J］. Computer Communications， 2020， 160： 139-149.
80	DAVAHLI A， SHAMSI M， ABAEI G. Hybridizing genetic algorithm and grey wolf optimizer to advance an intelligent and lightweight intrusion detection system for IoT wireless networks［J］. Journal of Ambient Intelligence and Humanized Computing， 2020， 11（11）： 5581-5609.
81	LI W， MENG W， AU M H. Enhancing collaborative intrusion detection via disagreement-based semi-supervised learning in IoT environments［J］. Journal of Network and Computer Applications， 2020， 161： No.102631.
82	MOIZUDDIN M， VICTOR JOSE M. A bio-inspired hybrid deep learning model for network intrusion detection［J］. Knowledge-Based Systems， 2022， 238： No.107894.
83	LAMPE B， MENG W. A survey of deep learning-based intrusion detection in automotive applications［J］. Expert Systems with Applications， 2023， 221： No.119771.
84	HAN M L， KWAK B I， KIM H K. Event-triggered interval-based anomaly detection and attack identification methods for an in-vehicle network［J］. IEEE Transactions on Information Forensics and Security， 2021， 16： 2941-2956.
85	AVATEFIPOUR O， AL-SUMAITI A S， EL-SHERBEENY A M， et al. An intelligent secured framework for cyberattack detection in electric vehicles’ CAN bus using machine learning［J］. IEEE Access， 2019， 7： 127580-127592.
86	SONG H M， WOO J， KIM H K. In-vehicle network intrusion detection using deep convolutional neural network［J］. Vehicular Communications， 2020， 21： No.100198.
87	JEDH M， OTHMANE L BEN， AHMED N， et al. Detection of message injection attacks onto the can bus using similarities of successive messages-sequence graphs［J］. IEEE Transactions on Information Forensics and Security， 2021， 16： 4133-4146.
88	HANSELMANN M， STRAUSS T， DORMANN K， et al. CANet： an unsupervised intrusion detection system for high dimensional CAN bus data［J］. IEEE Access， 2020， 8： 58194-58205.
89	ABDULGANIYU O H， TCHAKOUCHT T AIT， SAHEED Y K. A systematic literature review for network Intrusion Detection System （IDS）［J］. International Journal of Information Security， 2023， 22（5）： 1125-1162.
90	QASSIM Q， PATEL A， MOHD-ZIN A. Strategy to reduce false alarms in intrusion detection and prevention systems［J］. The International Arab Journal of Information Technology， 2014， 11（5）： 500-506.
91	AHMAD R， ALSMADI I， ALHAMDANI W， et al. Zero-day attack detection： a systematic literature review［J］. Artificial Intelligence Review， 2023， 56（10）： 10733-10811.
92	DUESSEL P， GEHL C， FLEGEL U， et al. Detecting zero-day attacks using context-aware anomaly detection at the application-layer［J］. International Journal of Information Security， 2017， 16（5）： 475-490.
93	NETO E C P， DADKHAH S， FERREIRA R， et al. CICIoT2023： a real-time dataset and benchmark for large-scale attacks in IoT environment［J］. Sensors， 2023， 23（13）： No.5941.
94	ALDRIBI A， TRAORE I， QUINAN P G， et al. Documentation for the ISOT Cloud Intrusion Detection benchmark dataset （ISOT-CID）［EB/OL］. ［2023-12-10］..
95	MIAH M O， SHAHRIAR KHAN S， SHATABDA S， et al. Improving detection accuracy for imbalanced network intrusion classification using cluster-based under-sampling with random forests［C］// Proceedings of the 1st International Conference on Advances in Science， Engineering and Robotics Technology. Piscataway： IEEE， 2019： 1-5.
96	HE M， HUANG Y， WANG X， et al. A lightweight and efficient IoT intrusion detection method based on feature grouping［J］. IEEE Internet of Things Journal， 2024， 11（2）： 2935-2949.
97	JANATI IDRISSI M， ALAMI H， MAHDAOUY A EL， et al. Fed-ANIDS： federated learning for anomaly-based network intrusion detection systems［J］. Expert Systems with Applications， 2023， 234： No.121000.
98	LI S， CAO Y， LIU S， et al. HDA-IDS：a Hybrid DoS Attacks Intrusion Detection System for IoT by using semi-supervised CL-GAN［J］. Expert Systems with Applications， 2024， 238（Pt F）： No.122198.
99	LATIF S， BOULILA W， KOUBAA A， et al. DTL-IDS： an optimized Intrusion Detection Framework using Deep Transfer Learning and Genetic Algorithm［J］. Journal of Network and Computer Applications， 2024， 221： No.103784.
100	李贝贝，宋佳芮，杜卿芸，等. DRL-IDS：基于深度强化学习的工业物联网入侵检测系统［J］. 计算机科学， 2021， 48（7）： 47-54.
	LI B B， SONG J R， DU Q Y， et al. DRL-IDS： deep reinforcement learning based intrusion detection system for Industrial Internet of Things［J］. Computer Science， 2021， 48（7）： 47-54.
101	MOHY-EDDINE M， GUEZZAZ A， BENKIRANE S， et al. An effective intrusion detection approach based on ensemble learning for IIoT edge computing［J］. Journal of Computer Virology and Hacking Techniques， 2023， 19： 469-481.
102	ASHARF J， MOUSTAFA N， KHURSHID H， et al. A review of intrusion detection systems using machine and deep learning in internet of things： challenges， solutions and future directions［J］. Electronics， 2020， 9（7）： No.1177.

模型	文献	方法	数据集	性能
RNN	［27］	XGBoost+RNN/LSTM/GRU	NSL-KDD，UNSW-NB15	XGBoost LSTM在NSL-KDD数据集上的准确率88.13%； XGBoost RNN在UNSW-NB15数据集上的准确率87.07%
	［31］	AE+LSTM	NSL-KDD	Acc：89%
	［32］	AE+GRU	NSL-KDD，UNSW-NB15	在NSL-KDD和UNSW-NB15数据集上，准确率分别为89.54%和88.39%
AE	［35］	SCAE+SVM	NSL-KDD	Acc：89.93%，Recall：89.93%，f-measure：96.94%
	［38］	CVAE+CNN/GRU	CSE-CIC-IDS 2018^［24］	CSE-IC-IDS 2018数据集的准确率分别为98.58%和98.56%
	［40］	SAE/SSAE/DAE/ContAE/CAE	UNSW-NB15	Acc： 87.16%，87.36%，86.05%，88.48%，86.66%
DBM	［41］	DBM+Softmax	NSL-KDD	Acc：93.52%
	［42］	RBM+SVM/DT/RF	NSL-KDD	Acc：83.05%，81.89%，79.87%
	［43］	RBM+3WD	NSL-KDD	Acc：96.1%
DBN	［45］	DBN+SVM	CICIDS 2017	Acc：97.74%，Recall：97.68%，f-measure：97.68%
DBN	［46］	DBN+LSTM	KDD99， CICIDS 2017	在KDD99和CICIDS 2017数据集上，准确率分别为94.80%和86.35%
CNN	［49］	CNN+BiLSTM	NSL-KDD	Acc：99.31%
	［50］	MECNN	AWID^［68］，CIC-IDS2017	在AWID和CIC-IDS2017数据集上，准确率分别为99.96%和99.84%
	［53］	CANET	NSL-KDD，UNSW-NB15	在NSL-KDD和UNSW-NB15数据集上，准确率分别为99.74%和89.39%
GAN	［57］	GAN+CNN	NSL-KDD，UNSW-NB15	在NSL-KDD和UNSW-NB15数据集上，准确率分别为93.2%和87%
GAN	［58］	B-GAN+LSTM	SWaT^［69］	Acc：90.97%
GNN	［60］	E-GraphSAGE	BoT-IoT^［70］，TON-IOT^［71］	在BoT-IoT和TON-IoT数据集上，准确率分别为99.99%和97.87%
	［62］	E-GraphSAGE M/E-ResGAT	TON-IOT	Acc：99.88%，99.88%
	［63］	Anomal-E	NF-UNSW-NB15-v2^［72-73］	Acc：98.18%

模型	文献	方法	数据集	性能
RNN	［27］	XGBoost+RNN/LSTM/GRU	NSL-KDD，UNSW-NB15	XGBoost LSTM在NSL-KDD数据集上的准确率88.13%； XGBoost RNN在UNSW-NB15数据集上的准确率87.07%
	［31］	AE+LSTM	NSL-KDD	Acc：89%
	［32］	AE+GRU	NSL-KDD，UNSW-NB15	在NSL-KDD和UNSW-NB15数据集上，准确率分别为89.54%和88.39%
AE	［35］	SCAE+SVM	NSL-KDD	Acc：89.93%，Recall：89.93%，f-measure：96.94%
	［38］	CVAE+CNN/GRU	CSE-CIC-IDS 2018^［24］	CSE-IC-IDS 2018数据集的准确率分别为98.58%和98.56%
	［40］	SAE/SSAE/DAE/ContAE/CAE	UNSW-NB15	Acc： 87.16%，87.36%，86.05%，88.48%，86.66%
DBM	［41］	DBM+Softmax	NSL-KDD	Acc：93.52%
	［42］	RBM+SVM/DT/RF	NSL-KDD	Acc：83.05%，81.89%，79.87%
	［43］	RBM+3WD	NSL-KDD	Acc：96.1%
DBN	［45］	DBN+SVM	CICIDS 2017	Acc：97.74%，Recall：97.68%，f-measure：97.68%
DBN	［46］	DBN+LSTM	KDD99， CICIDS 2017	在KDD99和CICIDS 2017数据集上，准确率分别为94.80%和86.35%
CNN	［49］	CNN+BiLSTM	NSL-KDD	Acc：99.31%
	［50］	MECNN	AWID^［68］，CIC-IDS2017	在AWID和CIC-IDS2017数据集上，准确率分别为99.96%和99.84%
	［53］	CANET	NSL-KDD，UNSW-NB15	在NSL-KDD和UNSW-NB15数据集上，准确率分别为99.74%和89.39%
GAN	［57］	GAN+CNN	NSL-KDD，UNSW-NB15	在NSL-KDD和UNSW-NB15数据集上，准确率分别为93.2%和87%
GAN	［58］	B-GAN+LSTM	SWaT^［69］	Acc：90.97%
GNN	［60］	E-GraphSAGE	BoT-IoT^［70］，TON-IOT^［71］	在BoT-IoT和TON-IoT数据集上，准确率分别为99.99%和97.87%
	［62］	E-GraphSAGE M/E-ResGAT	TON-IOT	Acc：99.88%，99.88%
	［63］	Anomal-E	NF-UNSW-NB15-v2^［72-73］	Acc：98.18%

模型	优点	功能	适用情况
RNN	捕捉网络流量中的时序特征	特征提取；分类	时序数据、网络流量等具有序列结构的数据
AE	自动学习数据中的有用特征；无监督学习	特征提取；数据降维；去噪	数据集较大，特征维数较多
RBM	实现数据降维，以及可以无监督学习	特征提取；数据降维；去噪
DBN	学习特征的深层次信息，具有较强的泛化能力。	特征提取；分类
CNN	更好地提取目标特征，提高入侵检测模型的计算效率	特征提取；分类	抓取网络流量的空间特征，作为高准确率的分类器
GAN	并生成少数类数据，处理数据集不平衡	数据增强；对抗训练	数据集不平衡
GNN	更好地捕获网络流量中的结构性行为，学习网络节点中的复杂关系和特征，动态检测攻击	分类	涉及网络结构和节点关系的场景

模型	优点	功能	适用情况
RNN	捕捉网络流量中的时序特征	特征提取；分类	时序数据、网络流量等具有序列结构的数据
AE	自动学习数据中的有用特征；无监督学习	特征提取；数据降维；去噪	数据集较大，特征维数较多
RBM	实现数据降维，以及可以无监督学习	特征提取；数据降维；去噪
DBN	学习特征的深层次信息，具有较强的泛化能力。	特征提取；分类
CNN	更好地提取目标特征，提高入侵检测模型的计算效率	特征提取；分类	抓取网络流量的空间特征，作为高准确率的分类器
GAN	并生成少数类数据，处理数据集不平衡	数据增强；对抗训练	数据集不平衡
GNN	更好地捕获网络流量中的结构性行为，学习网络节点中的复杂关系和特征，动态检测攻击	分类	涉及网络结构和节点关系的场景

[1]	Zhiqiang REN, Xuebin CHEN. FedAud： adaptive defense mechanism based on historical model updates [J]. Journal of Computer Applications, 2025, 45(2): 490-496.
[2]	Tianqi ZHANG, Shuang TAN, Xiwen SHEN, Juan TANG. Image watermarking method combining attention mechanism and multi-scale feature [J]. Journal of Computer Applications, 2025, 45(2): 616-623.
[3]	Zirong HONG, Guangqing BAO. Review of radar automatic target recognition based on ensemble learning [J]. Journal of Computer Applications, 2025, 45(2): 371-382.
[4]	Zhongwei ZHANG, Jun WANG, Shudong LIU, Zhiheng WANG. Object detection in remote sensing image based on multi-scale feature fusion and weighted boxes fusion [J]. Journal of Computer Applications, 2025, 45(2): 633-639.
[5]	Dixin WANG, Jiahao WANG, Min LI, Hao CHEN, Guangyao HU, Yu GONG. Abnormal attack detection for underwater acoustic communication network [J]. Journal of Computer Applications, 2025, 45(2): 526-533.
[6]	Songsen YU, Zhifan LIN, Guopeng XUE, Jianyu XU. Lightweight large-format tile defect detection algorithm based on improved YOLOv8 [J]. Journal of Computer Applications, 2025, 45(2): 647-654.
[7]	Danni DING, Bo PENG, Xi WU. VPNet： fatty liver ultrasound image classification method inspired by ventral pathway [J]. Journal of Computer Applications, 2025, 45(2): 662-669.
[8]	Yan LI, Guanhua YE, Yawen LI, Meiyu LIANG. Enterprise ESG indicator prediction model based on richness coordination technology [J]. Journal of Computer Applications, 2025, 45(2): 670-676.
[9]	Siqi ZHANG, Jinjun ZHANG, Tianyi WANG, Xiaolin QIN. Deep temporal event detection algorithm based on signal temporal logic [J]. Journal of Computer Applications, 2025, 45(1): 90-97.
[10]	Pengcheng SONG, Lijun GUO, Rong ZHANG. Weakly supervised video anomaly detection with local-global temporal dependency [J]. Journal of Computer Applications, 2025, 45(1): 240-246.
[11]	Zongsheng ZHENG, Jia DU, Yuhe CHENG, Zecheng ZHAO, Yuewei ZHANG, Xulong WANG. Cross-modal dual-stream alternating interactive network for infrared-visible image classification [J]. Journal of Computer Applications, 2025, 45(1): 275-283.
[12]	Xinran XU, Shaobing ZHANG, Miao CHENG, Yang ZHANG, Shang ZENG. Bearings fault diagnosis method based on multi-pathed hierarchical mixture-of-experts model [J]. Journal of Computer Applications, 2025, 45(1): 59-68.
[13]	Jietao LIANG, Bing LUO, Lanhui FU, Qingling CHANG, Nannan LI, Ningbo YI, Qi FENG, Xin HE, Fuqin DENG. Point cloud registration method based on coordinate geometric sampling [J]. Journal of Computer Applications, 2025, 45(1): 214-222.
[14]	Yan YAN, Xingying QIAN, Pengbin YAN, Jie YANG. Federated learning-based statistical prediction and differential privacy protection method for location big data [J]. Journal of Computer Applications, 2025, 45(1): 127-135.
[15]	Shunyong LI, Shiyi LI, Rui XU, Xingwang ZHAO. Incomplete multi-view clustering algorithm based on self-attention fusion [J]. Journal of Computer Applications, 2024, 44(9): 2696-2703.

Summary of network intrusion detection systems based on deep learning

基于深度学习的网络入侵检测系统综述

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 7

References 102

Related Articles 15

Recommended Articles

Metrics